Cyber security – how to mitigate the risks
16i, a digital design and development agency, discuss the importance of data protection online….
Last year’s GDPR changes and the more recent data beaches of Facebook and British Airways (BA) mean that data security is at the forefront of everyone’s mind; with business and customers alike being far more attuned to how data is used, transferred and ultimately protected online; making data protection and considerations ever more prominent.
As a digital agency, data security and protection is always a key part of our development process; with the initial discovery stage of any project dedicated to the evaluation of existing processes such as data collection, storage and circulation to identify any data or security risks which may exist. Key examples of this are the use of unprotected spreadsheets, the storage of data on an individual’s machine and/or the transfer of data over email which, whilst they may seem fine for internal processes, open data up to immense risk.
Once the risks have been identified, a number of mitigation measures can be applied – these tend to vary on a per project basis, however typical solutions would be to move all contacts on to a dedicated, online CRM (where data is both encrypted and access password protected), putting systems and databases in place, providing secure transfer through portals, and providing appropriate access to specific data fields based on the requirements of the user at the time (a customer service representative doesn’t need to see the same information as a marketing director).
In addition to the above, website security is of equal importance. Recent cyberattacks to Marriott and Airbnb showcase how easy it is for external sources to obtain access to not only a site, but also the data behind it. With the evolution of online payments and transactions, security measures such as the use of an SSL Certificate (especially if taking payments), database servers not having direct access to the web and in the instance of account log-ins, two-factor authentication should always be offered as standard.
The ever-changing laws and protocol surrounding data protection mean internal processes need to continually be addressed and evaluated – as the BA and Facebook examples prove, data security should never be an afterthought.
With a diverse range of clients and brands throughout the UK and worldwide, 16i are committed to delivering the very best digital products and services. Ultimately helping companies to determine the most appropriate digital approach, we love learning about your challenges and working with you to develop solutions from scratch based on your business sector and needs. Our ethos is to help companies fully explore digital and security options…and well just make things that bit less complicated.
Concerned about the security of your data or would simply like to hear more? The 16i team would be happy to help. T: 01242 654 000 www.16i.co.uk